VPN help suggestions
Serge van Ginderachter
serge at vanginderachter.be
Sat Jun 26 00:08:58 UTC 2010
On 26 June 2010 00:39, Eric Peters <eric at linuxsystems.net> wrote:
> Anybody have any other suggestions I can try?
I have set up OpenVPN with password athentication to Active Directory. I'll
paste you my notes on this setup.
See also #
http://www.matthardy.info/2009/configure-openvpn-to-authenticate-against-active-directory-ldap-in-linux/
openvpn.conf file:
plugin /usr/lib/openvpn/openvpn-auth-ldap.so auth-ldap.cfg
auth-ldap.cfg for windows active directory
<http://www.matthardy.info/2009/configure-openvpn-to-authenticate-against-active-directory-ldap-in-linux/>
<LDAP>
# LDAP server URL
URL ldap://zeus.COMPANY.be
# Bind DN (If your LDAP server doesn't support anonymous binds)
BindDN "CN=OpenVPN,OU=Service Accounts,DC=COMPANY,DC=be"
# Bind Password
# Password SecretPassword
Password XXXXXXXXXX
# Network timeout (in seconds)
Timeout 15
# Enable Start TLS
#TLSEnable yes
TLSEnable no
</LDAP>
<Authorization>
# For active directory, I used sAMAccountName to search by username
# I also configured the original search filter to contain the group
membership, instead of using the
# RequireGroup directive below
# Base DN
BaseDN "OU=Accounts,DC=COMPANY,DC=be"
# User Search Filter
#SearchFilter "(&(uid=%u)(accountStatus=active))"
SearchFilter "(&(sAMAccountName=%u)(memberOf=
cn=VPN_Access,OU=Security Groups,OU=Accounts,DC=COMPANY,DC=be))"
# Require Group Membership
RequireGroup false
</Authorization>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-server/attachments/20100626/7e2dd48e/attachment.html>
More information about the ubuntu-server
mailing list